Posted!

Join the Conversation

Comments

Welcome to our new and improved comments, which are for subscribers only.
This is a test to see whether we can improve the experience for you.
You do not need a Facebook profile to participate.

You will need to register before adding a comment.
Typed comments will be lost if you are not logged in.

Please be polite.
It's OK to disagree with someone's ideas, but personal attacks, insults, threats, hate speech, advocating violence and other violations can result in a ban.
If you see comments in violation of our community guidelines, please report them.

In the wake of the hacking of Sony, all eyes are now on North Korea's disruptive online capabilities. But the cyber warfare potential of another rogue state — Iran — is also growing, and it could soon constitute a major threat to the United States.

That's the conclusion of a new report chronicling the past two years of Iranian activity in cyberspace.

"Since at least 2012, Iranian actors have directly attacked, established persistence in, and extracted highly sensitive materials from the networks of government agencies and major critical infrastructure companies in the following countries: Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, United Arab Emirates and the United States," notes the 86-page study, issued by California-based cyber security firm Cylance earlier this month.

The cause for Iran's activism can be traced back to 2009-10, when the Stuxnet cyberworm temporarily wreaked havoc on its uranium enrichment capabilities. That bit of malware — commonly attributed to Israel and the U.S. — was followed by others, including the software script Stars, the cyber espionage program Duqu, and Flame, a virus reportedly designed to map Iran's nuclear network.

In all, Iran's nuclear program has been attacked no fewer than six times over the past half-decade. As a result, Iran's leaders concluded — with considerable merit — their regime has become the target of a campaign of virtual subversion by the West. And they have responded in kind.

Over the past two years, a number of significant cyber incidents have been tied to Iran in one way or another. These include a major hacking campaign against Saudi Aramco oil company in 2012, attacks on U.S. banks and financial institutions in 2012 and 2013, repeated attacks on Israeli infrastructure targets last year, and — most recently — the penetration last year of the U.S. Navy's unclassified networks.

All of these, the Cylance study concludes, are part of a systematic campaign by Iranian hackers to target critical infrastructure around the world. The scope of the effort mapped out by Cylance is breathtaking. It includes, among other targets, oil and gas firms in France, Kuwait, Qatar and Turkey; aviation hubs in Pakistan and South Korea; energy and utilities companies in Canada and the U.S., and government agencies in Qatar, United Arab Emirates and America.

Iran might be playing nice with the West at the moment. There has been a notable decrease in the frequency of cyber attacks on Western targets since the start of the nuclear negotiations in November 2013. But if there is a breakdown of the talks, and a renewed imposition of sanctions against a recalcitrant Iranian regime, cyberwar could again be a distinct possibility.

The Iranians, at least, seem to think so. In February, Iran's supreme leader, Ayatollah Ali Khamenei, issued a special message to the country's university students in which he urged them specifically to prepare for such a conflict with the West. The target, according to Khamenei, would be "the Dominance Power" — a common Iranian euphemism for the U.S.

We should stand so instructed.

Ilan Berman is vice president of the American Foreign Policy Council in Washington, D.C.